I’ve tried to make a call from my softphone with the incorrect credentials and my IP address isn’t getting banned. If I add the IP address of the softphone I’m using (with fail2ban-client set…) I can still make calls from this softphone.
[root@freepbx16oncentos fail2ban]# fail2ban-client status asterisk-iptables
Status for the jail: asterisk-iptables
|- filter
| |- File list: /var/log/asterisk/fail2ban
| |- Currently failed: 0
| `- Total failed: 0
`- action
|- Currently banned: 0
| `- IP list:
`- Total banned: 0
In the fail2ban logs I can also see several entries like this with the same IP addresses.
[2022-11-03 20:14:14] SECURITY[2246] res_security_log.c: SecurityEvent="FailedACL",EventTV="2022-11-03T20:14:14.685+0000",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="anonymous",SessionID="1182476902",LocalAddress="IPV4/UDP/178.62.239.52/5060",RemoteAddress="IPV4/UDP/20.111.56.186/5085",ACLName="registrar_attempt_without_configured_aors"
My maxretry is set to 5 but there are more than 5 attempts from several IPs in the logs. Does anyone know what I can be doing wrong?
